US11343108B2 - Generation of composite private keys - Google Patents

Generation of composite private keys Download PDF

Info

Publication number
US11343108B2
US11343108B2 US16/900,671 US202016900671A US11343108B2 US 11343108 B2 US11343108 B2 US 11343108B2 US 202016900671 A US202016900671 A US 202016900671A US 11343108 B2 US11343108 B2 US 11343108B2
Authority
US
United States
Prior art keywords
bitstream
selector
addressable
puf
stream
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active, expires
Application number
US16/900,671
Other versions
US20200396091A1 (en
Inventor
Dennis D Booher
Bertrand F CAMBOU
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Northern Arizona University
Original Assignee
Northern Arizona University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Northern Arizona University filed Critical Northern Arizona University
Priority to US16/900,671 priority Critical patent/US11343108B2/en
Assigned to ARIZONA BOARD OF REGENTS ON BEHALF OF NORTHERN ARIZONA UNIVERSITY reassignment ARIZONA BOARD OF REGENTS ON BEHALF OF NORTHERN ARIZONA UNIVERSITY ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: BOOHER, DENNIS D, CAMBOU, BERTRAND F
Publication of US20200396091A1 publication Critical patent/US20200396091A1/en
Application granted granted Critical
Publication of US11343108B2 publication Critical patent/US11343108B2/en
Active legal-status Critical Current
Adjusted expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • H04L9/3278Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response using physically unclonable functions [PUF]
    • GPHYSICS
    • G09EDUCATION; CRYPTOGRAPHY; DISPLAY; ADVERTISING; SEALS
    • G09CCIPHERING OR DECIPHERING APPARATUS FOR CRYPTOGRAPHIC OR OTHER PURPOSES INVOLVING THE NEED FOR SECRECY
    • G09C1/00Apparatus or methods whereby a given sequence of signs, e.g. an intelligible text, is transformed into an unintelligible sequence of signs by transposing the signs or groups of signs or by replacing them by others according to a predetermined system
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H04L9/0631Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/304Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy based on error correction codes, e.g. McEliece
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/12Details relating to cryptographic hardware or logic circuitry

Definitions

  • Conventional secure communication techniques involve transmitting encrypted information over a channel such as an electrical transmission line, a fiber-optic cable, or through free space using electromagnetic waves.
  • Such techniques make use of cryptographic methods utilizing shared secrets (i.e., a cryptographic key) between a sender and a receiver to ensure that only the intended parties can properly encode and decode a message.
  • shared secrets i.e., a cryptographic key
  • the sender and receiver may share cryptographic tables or exchange information between them to arrive at a shared key.
  • the length of the shared keys used and the number of available keys will depend upon memory limitations and/or available communications bandwidth.
  • a method includes receiving an initial instruction from a remote computing device using a client computing device having an addressable cryptographic table, retrieving first and second bitstreams having different lengths from the addressable cryptographic table by deriving addresses in the addressable cryptographic table from the initial instruction, accessing first and second bit values stored at addresses belonging to the derived addresses in the addressable cryptographic table, outputting the first bit values as the first bitstream and the second bit values as the second bitstream, concatenating the first bitstream with data from the first bitstream to form a data stream having a desired length, concatenating the second bitstream with data from the second bitstream to form a selector stream having the desired length, and forming a first composite encryption key having a length longer than a length of the first bitstream and the second bitstream by selecting values of the data stream identified by corresponding bit values of the selector stream.
  • the method includes determining, as the different lengths of the first and second bitstream, two co-prime integers, and selecting a product of the different lengths as the desired length.
  • the method includes selecting a permutation instruction from a set of allowed permutation instructions defined in memory of the computing device, applying one or more permutation instructions or logical operations to the selector stream to produce additional selector streams, and forming additional composite encryption keys by selecting values of the data stream identified by corresponding values of respective additional selector strings.
  • applying the one or more permutation instructions or logical operations includes applying a unique permutation function that uniquely reorders values of the selector stream to produce each additional selector stream.
  • retrieving the first and second bitstreams from the addressable cryptographic table comprises measuring physical characteristics of physical unclonable function (“PUF”) devices of a PUF array of the computing device at addresses in the PUF array derived from the initial instruction.
  • measuring the physical characteristics of the PUF devices of the PUF array comprises repeatedly measuring each PUF device and returning values for each PUF device based on statistical characteristics of the repeated measurements of that PUF device.
  • the method includes encoding into the first composite encryption key an error correction code, and executing an error correction method on the first composite encryption key using parity bits, data helpers, response based cryptographic methods, ternary cryptography, and fuzzy extractors.
  • a device in an embodiment, includes a processor and a memory coupled to the processor.
  • the memory stores instructions that, when executed by the processor, cause the processor to perform the steps of receiving an initial instruction from a remote computing device using a client computing device having an addressable cryptographic table, retrieving first and second bitstreams having different lengths from the addressable cryptographic table by deriving addresses in the addressable cryptographic table from the initial instruction, accessing first and second bit values stored at addresses belonging to the derived addresses in the addressable cryptographic table, outputting the first bit values as the first bitstream and the second bit values as the second bitstream, concatenating the first bitstream with data from the first bitstream to form a data stream having a desired length, concatenating the second bitstream with data from the second bitstream to form a selector stream having the desired length, and forming a first composite encryption key having a length longer than a length of the first bitstream and the second bitstream by selecting values of the data stream identified by corresponding bit values of the selector stream.
  • a device in an embodiment, includes a processor and a memory coupled to the processor.
  • the memory stores instructions that, when executed by the processor, cause the processor to perform the steps of receiving an initial instruction from a remote computing device, retrieving first and second bitstreams having different lengths from an addressable cryptographic table by determining first and second bit values stored at addresses belonging to addresses derived from the initial instruction in the addressable cryptographic table, concatenating the first bitstream with data from the first bitstream to form a data stream having a desired length, concatenating the second bitstream with data from the second bitstream to form a selector stream having the desired length, and forming a first composite encryption key having a length longer than a length of the first bitstream and the second bitstream by selecting values of the data stream identified by corresponding bit values of the selector stream.
  • FIG. 1 depicts a schematic of example communication systems in which embodiments disclosed herein may be practiced.
  • FIG. 2 depicts two communication systems communicating using a shared encryption key independently generated by both parties using cryptographic table data.
  • FIG. 3 is a flowchart depicting an example method for generating extended-length cryptographic keys according to embodiments disclosed herein.
  • FIGS. 4A-4B are illustrations of steps in the generation of an extended length cryptographic key from two shorter keys.
  • FIG. 5 is table depicting combinations of data operations used to create multiple unique composite cryptographic keys.
  • FIGS. 6A-6B illustrate extension of a set of composite keys and multiple such extensions as may be generated in multi-threaded computing system.
  • FIG. 7 is a table summarizing composite key space sizes achieved using various combinations of key extension techniques disclosed herein.
  • Private keys are generated using data in addressable cryptographic tables addressed using public keys.
  • Extended length private keys may be derived from private keys such that the original private key space is obscured and new composite private keys do not repeat any patterns of the original private keys.
  • One key is used as bit selector stream and the other key is used as a data stream to form the new composite private key.
  • This invention extends the new composite private key space by the use of permutations and manipulations against the original bit selector stream. This results in no repetition across multiple composite private key spaces. Multiple composite keys can be produced from one data stream by applying permutations and other manipulations of the selector stream.
  • Composite key generation performance may be optimized by using multiple ordered key pairs in parallel. This multi-threaded design improves the speed of key generation many times over by organizing the generation of composite keys around multiple key pairs in parallel.
  • the composite key space is extended indefinitely by the use of key extensions as part of the encrypted payload. This has the impact of private key lengths that are as long as the data to be encrypted and decrypted.
  • FIG. 1 is a schematic illustrating communications systems in which embodiments disclosed herein may be practiced.
  • communication system 100 A acts as the sender (“Alice”) and communication system 100 B acts the receiver (“Bob”).
  • the communication systems 100 A/B each have respective processing circuitry 110 A/B, memory 120 A/B, communication interfaces 130 A/B, and transceivers 140 A/B. Each system communicates sends and/or receives information via its communication interface 140 A/B.
  • the communication interfaces 130 A/B are coupled to transceivers 140 A/B which send signals over a communication channel 150 .
  • the processing circuitry 110 B of communication system 100 B may optionally include security circuitry 112 B, for use with certain embodiments disclosed herein.
  • the memory 120 A of communication system 100 A may optionally store security data 122 A for use with certain embodiments.
  • the security circuitry 112 B may include a dedicated PUF array.
  • the processing circuitry 110 B may be configured to respond to an authentication challenge which specifies an address (or range of addresses) in the PUF array and a set of operations to perform in order to generate a unique response to the authentication challenge.
  • Such embodiments may be designed to communicate with embodiments of communication system 100 A configured to store security data 122 A in the memory 120 A.
  • the processing circuitry 110 A is configured to generate authentication challenges and receive responses to those challenges. The responses and challenges may be saved as part of the security data 122 A.
  • processing circuitry 110 A may be further configured to send randomly-selected challenges to embodiments of communication system 100 B having security circuitry 112 B.
  • transmitting the challenges to communication system 100 B allows communication systems 100 A and 100 B to agree upon the challenge responses as shared encryption keys without required information which might compromise the secrecy of those keys to be transmitted, as described below.
  • FIG. 2 illustrates an environment in which two parties, “Alice” ( 210 A) and “Bob” ( 210 B) communicate in order to agree upon a shared key.
  • “Alice” and “Bob” each have access to respective cryptographic tables 210 A,B.
  • the cryptographic tables store ternary data.
  • “Alice” may generate a public key 220 (or a datastream from which the public key 220 may be extracted) and transmit that public key 220 to Bob. Alice and Bob can both use the public key 220 to access their respective cryptographic tables.
  • the public key 220 may be used to generate a message digest using a hash function 212 .
  • the output of the hash function 212 may be used as an address 205 A,B (or range of addresses) that identifies a values stored in the respective cryptographic tables 210 A,B.
  • the public key 220 may be combined with a password (such as one or both of the passwords 222 A,B) or other token.
  • the password may be shared by the two parties, or each party may use a unique password.
  • the address spaces of each of the cryptographic tables 210 A,B may be configured such that the combination of the same public key 220 with the password of each party indexes the same data.
  • the functionality of the cryptographic tables 210 A,B may be realized by one party (e.g., “Bob”) having an array of physical unclonable function (PUF) devices (a “PUF array” and another party (e.g., “Alice) having access to information characterizing the PUF array.
  • a PUF array may be any array of devices having unique physical characteristics which may be used to identify a user or device in possession of the array.
  • unique PUF arrays may be produced using known semiconductor or other mass production techniques with sufficient variability such that it is highly improbable that any two arrays produced using the same process will possess indistinguishable physical characteristics.
  • Non-limiting examples of such characteristics are time delays of transistor-based ring oscillators and transistor threshold voltages.
  • Other non-limiting examples include optical devices.
  • Bob may possess an optical PUF device which, when illuminated by a light source such as a laser produces a unique image due to minute manufacturing variations. This image may be digitized and the pixels may be used to form an addressable PUF array.
  • Another example is an array of SRAM cells each of which will “default” to storing a ‘0’ or a ‘ 1’.
  • the measured characteristics of a PUF array may not be perfectly deterministic to due to aging, thermal drift, or other causes.
  • some of the SRAM cells in an SRAM-based array may always store a ‘0’ or ‘ 1’ after a power cycle while others may oscillate between states.
  • Non-deterministic devices may be dealt with in a number of ways. As one example, a system may repeatedly measure each device either before or in response to an attempt to read values of the devices. Devices whose measurements vary more than a threshold may be excluded and the system may store (or receive) instruction for substituting measurements of other devices in place of the “unreliable” devices. In other schemes, PUF devices may be measured repeatedly and assigned values based on statistical characteristics.
  • devices that store a ‘0’ more than a certain percentage of the time may be assigned a ‘0’ value and devices that store ‘1’ more than a certain percentage of the time may be assigned a ‘1’ value.
  • devices that store a ‘0’ or ‘1’ may be assigned a third value as part of a ternary scheme in which reliable devices are assigned a ‘0’ or a ‘ 1’ while “unreliable” devices are assigned a third value. This concept may be extended to quaternary and other number systems.
  • a device having a PUF array with potentially unreliable devices may store or otherwise receive error correction information such as parity and/or checksum data and may employ suitable error-correcting codes and other error-correction techniques.
  • error correction methods may be performed on the composite encryption key using parity bits, data helpers, response based cryptographic methods, ternary cryptography, and fuzzy extractors.
  • FIG. 3 is a flowchart illustrated an example process 300 for generating one or more extended length keys according to embodiments herein. Two communicating parties may use a process such as the process 300 to independent generated one or more variable-length extended keys upon sharing a message (e.g., the public key 220 ) between them.
  • a message e.g., the public key 220
  • FIG. 3 is a flowchart depicting an example method 300 for generating extended-length cryptographic keys according to embodiments disclosed herein.
  • Method 300 may be implemented by any suitable devices including appropriate combinations of processors, memory and other hardware components (e.g., PUF arrays).
  • an initial instruction is received from a remote computing device using a client computing device having an addressable cryptographic table and in step 304 first and second bitstreams having different lengths are retrieved from the addressable cryptographic table by deriving addresses in the addressable cryptographic table from the initial instruction, accessing first and second bit values stored at addresses belonging to the derived addresses in the addressable cryptographic table, and outputting the first bit values as the first bitstream and the second bit values as the second bitstream.
  • step 306 the first bitstream is concatenated with data from the first bitstream to form a data stream having a desired length and in step 308 the second bitstream is concatenated with data from the second bitstream to form a selector stream having the desired length.
  • step 310 a first composite encryption key having a length longer than a length of the first bitstream and the second bitstream is formed by selecting values of the data stream identified by corresponding bit values of the selector stream.
  • a composite key generation method begins with two private keys that are on average 21.3 KB long. These private keys are unique and are generated using two unique public keys (e.g., two public keys 220 ) to retrieve values from a cryptographic table (e.g., a cryptographic table 210 ).
  • the composite key generation process requires the steps comprising: At a minimum, two or more unique private keys, denoted as K 1 , K 2 , . . . , K N , with respective lengths of L 1 , L 2 , . . . , L N bytes are selected. Each of the private keys must have different lengths wherein L 1 ⁇ L 2 ⁇ . . .
  • each of the private keys are based upon a randomly-selected public key, there will be no repeating predictable data patterns.
  • the keys may also be derived from other cryptographic keys.
  • a first private key (e.g., K 1 ) is chosen as a “selector” stream.
  • the selector stream is formed by concatenating K 1 with itself for L 2 times, and will be denoted S 1 .
  • another private key is chosen (e.g., K 2 ) that is defined as the data stream.
  • the data stream is formed by concatenating K 2 with itself for L 1 times and is denoted as D 1 .
  • lengths L 1 and L 2 are typically selected to be prime numbers where L 1 ⁇ L 2 .
  • the relative byte offset in each K 1 and K 2 are uniquely paired such that no same offset pairs will repeat during the scope of the S 1 and D 1 byte alignments. This will result in a composite bit stream with no repeating data patterns due to repeated byte pairings from the respective K 1 and K 2 .
  • FIG. 4B illustrates formation of the composite key by indexing the aligned selector and data streams.
  • the locations of individual selector bits that equal ‘1’ form a mask that may be used to select corresponding bits from the data stream and where individual selector bits that equal 0 ignore bits from data stream.
  • An alternate bit selection method may be implemented by forming N-bit groups of the selector and performing a mod 2 calculation where a ‘1’ value selects the corresponding group of N-bit groups of the data, and a result of 0 ignores the data.
  • the arguments are an ordered pair (S 1 , D 1 ), and when they are reversed, this results in the generation of a completely different composite key by
  • C 2 generateComposite(D 1 , S 1 ).
  • the composite key length will L 1 ⁇ L 2 ⁇ 50%.
  • the 50% comes from the usage of selector streams with a uniform random distribution of ‘1’ values.
  • the select modifiers uniquely extend the composite private keys, wherein each of the new composite key derivatives greatly expands the total composite key space. There are two distinct forms of select modifications: the permutation modifiers and the XOR modifiers.
  • Additional composite keys may be created by permuting values of the selector stream.
  • a set of permutation operations may be defined and a system may store (or receive) instructions that determine which permutations to apply, in which order such that two communicating parties can independently generate the same additional selectors and thus generate identical sets of additional composite keys.
  • p k where k ⁇ 0.
  • p 0 also referred to as the pass-through
  • p 0 [12345678] 12345678.
  • p 0 [0b11110000] 0b11110000.
  • p 1 [0b101010] 0b01010101.
  • p 2 [0b00111100] 0b11000011.
  • Bit-rotate permutations are functions are denoted as b k where k>0 and # ⁇ 8.
  • b 0 [0b10110010] 0b10110010.
  • b 1 [12345678] 23456781.
  • b 1 (0b10110010) 0b01100101.
  • b 2 [12345678] 34567812.
  • b 2 [0b10110010] 0b11001010.
  • permutation function maps 1-byte (8-bits) ⁇ 1-byte (8-bits).
  • XOR functions are manipulation functions, denoted as x k where k ⁇ 0.
  • the XOR function is denoted by the ⁇ circumflex over ( ) ⁇ bit operator.
  • x 1 [bits] bits ⁇ circumflex over ( ) ⁇ 0b11111111.
  • x 2 [bits] bits ⁇ circumflex over ( ) ⁇ 0b11011101.
  • the set of basic permutation functions ⁇ p, b ⁇ may be combined with XOR-based manipulations.
  • the composite key generation process continues in a very ordered manor, as shown in FIG. 5 , with very specific selector manipulation sequences for each byte in the base selector stream.
  • the final composite key correspondingly grows by concatenate(C 0 , C 1 , . . . , C N ).
  • the maximum composite key space length is up to 224.37 MB •51,200 ⁇ 10.96 TB for a single private key pair (e.g., K 1 , K 2 ).
  • these permutation functions map are 1-byte (8-bits) at the input ⁇ 1-byte (8-bits) at the output.
  • the permutation mappings may be extended to include other input output mappings, like using adjacent bytes as inputs.
  • example mappings include: 2-byte (16-bits) ⁇ 1-byte (8-bits) permutations. For example, where the previous byte bit positions ‘abcdefgh’ and the current byte bit positions ‘12345678’, then a new byte of ‘b2d4f6h8’ can be formed.
  • the composite key length can be doubled by generating both concatenate(C 1 , C 2 ). This results in 2 ⁇ 10.96 TB ⁇ 21.92 TB of total composite key space using just two unique K 1 and K 2 values.
  • each of the public keys must be defined upfront.
  • the number of public keys is set depending upon the desired total composite private key space and/or the amount of parallel ordered key pair generation worker threads, as discussed in more detail below.
  • the storage and communication of the public keys is largely dependent upon the use case.
  • the two systems i.e., the sender and receiver
  • they may each have separately secured identical cryptographic tables and passwords, and they communicate an initial set of public keys and the encrypted file.
  • the initial key exchange will be referenced as ‘KeySet 1 ’.
  • the XOR encrypted data will be organized in logical “data blocks.”
  • the size of the data blocks is implementation dependent. One possible implementation is to arrange the data blocks around the indices of the b N [p N [x N [selByte] ] ] calls that were described previously. The significance of these data blocks is that they will be used during the key extension process.
  • a creative way of generating the key space faster is to implement a threading algorithm that generates the composite key space in parallel.
  • One such innovative threading algorithm is to organize the processing of ordered key pairs into separate threads.
  • FIG. 6B shows an example, where there are 3 unique keys K 1 , K 2 , and k 3 and several ordered key pair threads are formed.
  • Each of the worker threads above create blocks of unique key space that are created in parallel.
  • a key consumer thread is defined (not shown) that is either performing encryption or decryption.
  • the key consumer thread absorbs the blocks of unique key space in block sequential order. This allows the overall rate of encryption/decryption to run many times faster.
  • FIG. 7 summarizes the available composite key space as additional keys are generated as described above for an example where the first selector and the first datastream each have a length of 448.7 MB, (their respective lengths being 21,701 and 21,683). Two 224.3 MB composite keys may be generated. These two keys may be concatenated to form a composite key space of 448.7 MB.
  • FIG. 7 shows the key spaces achieved with various schemes disclosed herein enabling larger and larger composite key spaces.
  • D 1 by concatenating K 2 with itself q 1 times, so that the data stream D 1 has a total length of q 1 ⁇ q 2 bytes.
  • the streams S 1 and D 1 are aligned such that they are both indexed by the integer i offset, where O ⁇ i ⁇ q 1 ⁇ q 2 .
  • a method includes receiving an initial instruction from a remote computing device using a client computing device having an addressable cryptographic table, retrieving first and second bitstreams having different lengths from the addressable cryptographic table by deriving addresses in the addressable cryptographic table from the initial instruction, accessing first and second bit values stored at addresses belonging to the derived addresses in the addressable cryptographic table, outputting the first bit values as the first bitstream and the second bit values as the second bitstream, concatenating the first bitstream with data from the first bitstream to form a data stream having a desired length, concatenating the second bitstream with data from the second bitstream to form a selector stream having the desired length, and forming a first composite encryption key having a length longer than a length of the first bitstream and the second bitstream by selecting values of the data stream identified by corresponding bit values of the selector stream.
  • the method includes determining, as the different lengths of the first and second bitstream, two co-prime integers, and selecting a product of the different lengths as the desired length.
  • the method includes selecting a permutation instruction from a set of allowed permutation instructions defined in memory of the computing device, applying one or more permutation instructions or logical operations to the selector stream to produce additional selector streams, and forming additional composite encryption keys by selecting values of the data stream identified by corresponding values of respective additional selector strings.
  • applying the one or more permutation instructions or logical operations includes applying a unique permutation function that uniquely reorders values of the selector stream to produce each additional selector stream.
  • retrieving the first and second bitstreams from the addressable cryptographic table comprises measuring physical characteristics of physical unclonable function (“PUF”) devices of a PUF array of the computing device at addresses in the PUF array derived from the initial instruction.
  • measuring the physical characteristics of the PUF devices of the PUF array comprises repeatedly measuring each PUF device and returning values for each PUF device based on statistical characteristics of the repeated measurements of that PUF device.
  • the method includes encoding into the first composite encryption key an error correction code, and executing an error correction method on the first composite encryption key using parity bits, data helpers, response based cryptographic methods, ternary cryptography, and fuzzy extractors.
  • a device in an embodiment, includes a processor and a memory coupled to the processor.
  • the memory stores instructions that, when executed by the processor, cause the processor to perform the steps of receiving an initial instruction from a remote computing device using a client computing device having an addressable cryptographic table, retrieving first and second bitstreams having different lengths from the addressable cryptographic table by deriving addresses in the addressable cryptographic table from the initial instruction, accessing first and second bit values stored at addresses belonging to the derived addresses in the addressable cryptographic table, outputting the first bit values as the first bitstream and the second bit values as the second bitstream, concatenating the first bitstream with data from the first bitstream to form a data stream having a desired length, concatenating the second bitstream with data from the second bitstream to form a selector stream having the desired length, and forming a first composite encryption key having a length longer than a length of the first bitstream and the second bitstream by selecting values of the data stream identified by corresponding bit values of the selector stream.
  • a device in an embodiment, includes a processor and a memory coupled to the processor.
  • the memory stores instructions that, when executed by the processor, cause the processor to perform the steps of receiving an initial instruction from a remote computing device, retrieving first and second bitstreams having different lengths from an addressable cryptographic table by determining first and second bit values stored at addresses belonging to addresses derived from the initial instruction in the addressable cryptographic table, concatenating the first bitstream with data from the first bitstream to form a data stream having a desired length, concatenating the second bitstream with data from the second bitstream to form a selector stream having the desired length, and forming a first composite encryption key having a length longer than a length of the first bitstream and the second bitstream by selecting values of the data stream identified by corresponding bit values of the selector stream.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Theoretical Computer Science (AREA)
  • Computing Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

A system and method for the generation of composite private keys are provided. First and second bitstreams are retrieved from an addressable cryptographic table by deriving addresses in the addressable cryptographic table from an initial instruction, accessing first and second bit values stored at addresses belonging to the derived addresses in the addressable cryptographic table, and outputting the first bit values as the first bitstream and the second bit values as the second bitstream. The first bitstream is concatenated with data from the first bitstream to form a data stream having a desired length and the second bitstream is concatenated with data from the second bitstream to form a selector stream having the desired length. A first composite encryption key having a length longer than the first and second bitstreams is formed by selecting values of the data stream identified by corresponding bit values of the selector stream.

Description

CROSS-REFERENCE TO RELATED APPLICATIONS
The present application claims priority to U.S. Provisional Application 62/860,474 entitled “Generation of Composite Private Keys” and filed on Jun. 12, 2019.
BACKGROUND OF THE INVENTION
Conventional secure communication techniques involve transmitting encrypted information over a channel such as an electrical transmission line, a fiber-optic cable, or through free space using electromagnetic waves. Such techniques make use of cryptographic methods utilizing shared secrets (i.e., a cryptographic key) between a sender and a receiver to ensure that only the intended parties can properly encode and decode a message. In some conventional approaches, the sender and receiver may share cryptographic tables or exchange information between them to arrive at a shared key. In such approaches the length of the shared keys used and the number of available keys will depend upon memory limitations and/or available communications bandwidth.
BRIEF SUMMARY
In an embodiment, a method includes receiving an initial instruction from a remote computing device using a client computing device having an addressable cryptographic table, retrieving first and second bitstreams having different lengths from the addressable cryptographic table by deriving addresses in the addressable cryptographic table from the initial instruction, accessing first and second bit values stored at addresses belonging to the derived addresses in the addressable cryptographic table, outputting the first bit values as the first bitstream and the second bit values as the second bitstream, concatenating the first bitstream with data from the first bitstream to form a data stream having a desired length, concatenating the second bitstream with data from the second bitstream to form a selector stream having the desired length, and forming a first composite encryption key having a length longer than a length of the first bitstream and the second bitstream by selecting values of the data stream identified by corresponding bit values of the selector stream.
In an embodiment, the method includes determining, as the different lengths of the first and second bitstream, two co-prime integers, and selecting a product of the different lengths as the desired length. In an embodiment, the method includes selecting a permutation instruction from a set of allowed permutation instructions defined in memory of the computing device, applying one or more permutation instructions or logical operations to the selector stream to produce additional selector streams, and forming additional composite encryption keys by selecting values of the data stream identified by corresponding values of respective additional selector strings. In an embodiment, applying the one or more permutation instructions or logical operations includes applying a unique permutation function that uniquely reorders values of the selector stream to produce each additional selector stream. In an embodiment, retrieving the first and second bitstreams from the addressable cryptographic table comprises measuring physical characteristics of physical unclonable function (“PUF”) devices of a PUF array of the computing device at addresses in the PUF array derived from the initial instruction. In an embodiment, measuring the physical characteristics of the PUF devices of the PUF array comprises repeatedly measuring each PUF device and returning values for each PUF device based on statistical characteristics of the repeated measurements of that PUF device. In an embodiment, the method includes encoding into the first composite encryption key an error correction code, and executing an error correction method on the first composite encryption key using parity bits, data helpers, response based cryptographic methods, ternary cryptography, and fuzzy extractors.
In an embodiment, a device includes a processor and a memory coupled to the processor. The memory stores instructions that, when executed by the processor, cause the processor to perform the steps of receiving an initial instruction from a remote computing device using a client computing device having an addressable cryptographic table, retrieving first and second bitstreams having different lengths from the addressable cryptographic table by deriving addresses in the addressable cryptographic table from the initial instruction, accessing first and second bit values stored at addresses belonging to the derived addresses in the addressable cryptographic table, outputting the first bit values as the first bitstream and the second bit values as the second bitstream, concatenating the first bitstream with data from the first bitstream to form a data stream having a desired length, concatenating the second bitstream with data from the second bitstream to form a selector stream having the desired length, and forming a first composite encryption key having a length longer than a length of the first bitstream and the second bitstream by selecting values of the data stream identified by corresponding bit values of the selector stream.
In an embodiment, a device includes a processor and a memory coupled to the processor. The memory stores instructions that, when executed by the processor, cause the processor to perform the steps of receiving an initial instruction from a remote computing device, retrieving first and second bitstreams having different lengths from an addressable cryptographic table by determining first and second bit values stored at addresses belonging to addresses derived from the initial instruction in the addressable cryptographic table, concatenating the first bitstream with data from the first bitstream to form a data stream having a desired length, concatenating the second bitstream with data from the second bitstream to form a selector stream having the desired length, and forming a first composite encryption key having a length longer than a length of the first bitstream and the second bitstream by selecting values of the data stream identified by corresponding bit values of the selector stream.
The above features and advantages of the present invention will be better understood from the following detailed description taken in conjunction with the accompanying drawings.
BRIEF DESCRIPTION OF THE DRAWINGS
The drawings described herein constitute part of this specification and includes exemplary embodiments of the present invention which may be embodied in various forms. It is to be understood that in some instances, various aspects of the invention may be shown exaggerated or enlarged to facilitate an understanding of the invention. Therefore, drawings may not be to scale.
FIG. 1 depicts a schematic of example communication systems in which embodiments disclosed herein may be practiced.
FIG. 2 depicts two communication systems communicating using a shared encryption key independently generated by both parties using cryptographic table data.
FIG. 3 is a flowchart depicting an example method for generating extended-length cryptographic keys according to embodiments disclosed herein.
FIGS. 4A-4B are illustrations of steps in the generation of an extended length cryptographic key from two shorter keys.
FIG. 5 is table depicting combinations of data operations used to create multiple unique composite cryptographic keys.
FIGS. 6A-6B illustrate extension of a set of composite keys and multiple such extensions as may be generated in multi-threaded computing system.
FIG. 7 is a table summarizing composite key space sizes achieved using various combinations of key extension techniques disclosed herein.
 DETAILED DESCRIPTION
The described features, advantages, and characteristics may be combined in any suitable manner in one or more embodiments. One skilled in the relevant art will recognize that the circuit may be practiced without one or more of the specific features or advantages of a particular embodiment. In other instances, additional features and advantages may be recognized in certain embodiments that may not be present in all embodiments.
Reference throughout this specification to “one embodiment,” “an embodiment,” or similar language means that a particular feature, structure, or characteristic described in connection with the embodiment is included in at least one embodiment. Thus appearances of the phrase “in one embodiment,” “in an embodiment,” and similar language throughout this specification may, but do not necessarily, all refer to the same embodiment.
Conventional encryption schemes using shared keys have disadvantages. In particular, the keys must be shared ahead of time and/or stored by both parties. It can be time consuming and resource-intensive to share and store large keys, particularly when it is desirable to use a larger number of keys (in polymorphic encryption schemes, for example). While known methods may be used to generate multiple longer keys from existing keys, the overall entropy of resulting encryption schemes may be reduced, compromising security.
Accordingly, the present disclosure describes systems and methods to generate numerous extended variable length cryptographic keys using shorter keys as inputs while preserving high levels of entropy. Private keys are generated using data in addressable cryptographic tables addressed using public keys. Extended length private keys may be derived from private keys such that the original private key space is obscured and new composite private keys do not repeat any patterns of the original private keys. One key is used as bit selector stream and the other key is used as a data stream to form the new composite private key. This invention extends the new composite private key space by the use of permutations and manipulations against the original bit selector stream. This results in no repetition across multiple composite private key spaces. Multiple composite keys can be produced from one data stream by applying permutations and other manipulations of the selector stream. Composite key generation performance may be optimized by using multiple ordered key pairs in parallel. This multi-threaded design improves the speed of key generation many times over by organizing the generation of composite keys around multiple key pairs in parallel. The composite key space is extended indefinitely by the use of key extensions as part of the encrypted payload. This has the impact of private key lengths that are as long as the data to be encrypted and decrypted.
FIG. 1 is a schematic illustrating communications systems in which embodiments disclosed herein may be practiced. In this example, communication system 100A acts as the sender (“Alice”) and communication system 100B acts the receiver (“Bob”). The communication systems 100A/B each have respective processing circuitry 110A/B, memory 120A/B, communication interfaces 130A/B, and transceivers 140A/B. Each system communicates sends and/or receives information via its communication interface 140A/B. The communication interfaces 130A/B are coupled to transceivers 140A/B which send signals over a communication channel 150. The processing circuitry 110B of communication system 100B may optionally include security circuitry 112B, for use with certain embodiments disclosed herein. Similarly, the memory 120A of communication system 100A may optionally store security data 122A for use with certain embodiments.
In embodiments of the communication system 100B having the security circuitry 112B, the security circuitry 112B may include a dedicated PUF array. In such embodiments, the processing circuitry 110B may be configured to respond to an authentication challenge which specifies an address (or range of addresses) in the PUF array and a set of operations to perform in order to generate a unique response to the authentication challenge. Such embodiments may be designed to communicate with embodiments of communication system 100A configured to store security data 122A in the memory 120A. In such embodiments, the processing circuitry 110A is configured to generate authentication challenges and receive responses to those challenges. The responses and challenges may be saved as part of the security data 122A. In such embodiments the processing circuitry 110A may be further configured to send randomly-selected challenges to embodiments of communication system 100B having security circuitry 112B. In certain embodiments described herein, transmitting the challenges to communication system 100B allows communication systems 100A and 100B to agree upon the challenge responses as shared encryption keys without required information which might compromise the secrecy of those keys to be transmitted, as described below.
FIG. 2 illustrates an environment in which two parties, “Alice” (210A) and “Bob” (210B) communicate in order to agree upon a shared key. “Alice” and “Bob” each have access to respective cryptographic tables 210A,B. In embodiments such as the embodiment shown, the cryptographic tables store ternary data. “Alice” may generate a public key 220 (or a datastream from which the public key 220 may be extracted) and transmit that public key 220 to Bob. Alice and Bob can both use the public key 220 to access their respective cryptographic tables. In some embodiments, the public key 220 may be used to generate a message digest using a hash function 212. The output of the hash function 212 may be used as an address 205A,B (or range of addresses) that identifies a values stored in the respective cryptographic tables 210A,B. For added security the public key 220 may be combined with a password (such as one or both of the passwords 222A,B) or other token. The password may be shared by the two parties, or each party may use a unique password. In embodiments where each party uses a unique password, the address spaces of each of the cryptographic tables 210A,B may be configured such that the combination of the same public key 220 with the password of each party indexes the same data.
In some embodiments, the functionality of the cryptographic tables 210A,B may be realized by one party (e.g., “Bob”) having an array of physical unclonable function (PUF) devices (a “PUF array” and another party (e.g., “Alice) having access to information characterizing the PUF array. For purposes of this disclosure, a PUF array may be any array of devices having unique physical characteristics which may be used to identify a user or device in possession of the array. In practice, unique PUF arrays may be produced using known semiconductor or other mass production techniques with sufficient variability such that it is highly improbable that any two arrays produced using the same process will possess indistinguishable physical characteristics. Non-limiting examples of such characteristics are time delays of transistor-based ring oscillators and transistor threshold voltages. Other non-limiting examples include optical devices. For example, Bob may possess an optical PUF device which, when illuminated by a light source such as a laser produces a unique image due to minute manufacturing variations. This image may be digitized and the pixels may be used to form an addressable PUF array. Another example is an array of SRAM cells each of which will “default” to storing a ‘0’ or a ‘ 1’.
The measured characteristics of a PUF array (or a subset of devices in a PUF array) may not be perfectly deterministic to due to aging, thermal drift, or other causes. For example, some of the SRAM cells in an SRAM-based array may always store a ‘0’ or ‘ 1’ after a power cycle while others may oscillate between states. Non-deterministic devices may be dealt with in a number of ways. As one example, a system may repeatedly measure each device either before or in response to an attempt to read values of the devices. Devices whose measurements vary more than a threshold may be excluded and the system may store (or receive) instruction for substituting measurements of other devices in place of the “unreliable” devices. In other schemes, PUF devices may be measured repeatedly and assigned values based on statistical characteristics. For instance, devices that store a ‘0’ more than a certain percentage of the time may be assigned a ‘0’ value and devices that store ‘1’ more than a certain percentage of the time may be assigned a ‘1’ value. In some schemes devices that store a ‘0’ or ‘1’ may be assigned a third value as part of a ternary scheme in which reliable devices are assigned a ‘0’ or a ‘ 1’ while “unreliable” devices are assigned a third value. This concept may be extended to quaternary and other number systems. In some schemes, a device having a PUF array with potentially unreliable devices may store or otherwise receive error correction information such as parity and/or checksum data and may employ suitable error-correcting codes and other error-correction techniques. In an embodiment, error correction methods may be performed on the composite encryption key using parity bits, data helpers, response based cryptographic methods, ternary cryptography, and fuzzy extractors.
As above, it may be desirable in certain applications to generate very long encryption keys and/or to generate multiple encryption keys for use with polymorphic encryption schemes. However, the length of each encryption key 240 and the number of possible unique encryption keys 240 is limited by the sizes of the cryptographic tables 210A,B. While longer keys can be generating by exchanging multiple public keys this may be bandwidth intensive and introduce unacceptable latency. FIG. 3 is a flowchart illustrated an example process 300 for generating one or more extended length keys according to embodiments herein. Two communicating parties may use a process such as the process 300 to independent generated one or more variable-length extended keys upon sharing a message (e.g., the public key 220) between them.
FIG. 3 is a flowchart depicting an example method 300 for generating extended-length cryptographic keys according to embodiments disclosed herein. Method 300 may be implemented by any suitable devices including appropriate combinations of processors, memory and other hardware components (e.g., PUF arrays). In an initial step 302, an initial instruction is received from a remote computing device using a client computing device having an addressable cryptographic table and in step 304 first and second bitstreams having different lengths are retrieved from the addressable cryptographic table by deriving addresses in the addressable cryptographic table from the initial instruction, accessing first and second bit values stored at addresses belonging to the derived addresses in the addressable cryptographic table, and outputting the first bit values as the first bitstream and the second bit values as the second bitstream. In step 306, the first bitstream is concatenated with data from the first bitstream to form a data stream having a desired length and in step 308 the second bitstream is concatenated with data from the second bitstream to form a selector stream having the desired length. In step 310 a first composite encryption key having a length longer than a length of the first bitstream and the second bitstream is formed by selecting values of the data stream identified by corresponding bit values of the selector stream. Below, details of key-generation processes related to the example process 300 are described further.
As an example, a composite key generation method begins with two private keys that are on average 21.3 KB long. These private keys are unique and are generated using two unique public keys (e.g., two public keys 220) to retrieve values from a cryptographic table (e.g., a cryptographic table 210). In general, the composite key generation process requires the steps comprising: At a minimum, two or more unique private keys, denoted as K1, K2, . . . , KN, with respective lengths of L1, L2, . . . , LN bytes are selected. Each of the private keys must have different lengths wherein L1≠L2≠ . . . ≠LN and a greatest common denominator gcd(L1, L2, . . . , LN)=1. Because each of the private keys are based upon a randomly-selected public key, there will be no repeating predictable data patterns. The keys may also be derived from other cryptographic keys.
As illustrated by FIG. 4A, a first private key (e.g., K1) is chosen as a “selector” stream. The selector stream is formed by concatenating K1 with itself for L2 times, and will be denoted S1. The creation of the selector S1 is a function and may be expressed as S1=concatenate(K1, L2). Second, another private key is chosen (e.g., K2) that is defined as the data stream. The data stream is formed by concatenating K2 with itself for L1 times and is denoted as D1. The creation of the data stream is a function and may be expressed as D1=concatenate(K2, L1). Notice that both S1 and D1 have a length of L1×L2. Then, S1 is byte-aligned with the D1 from end to end.
For the selection of private key lengths, lengths L1 and L2 are typically selected to be prime numbers where L1≠L2. Thus, gcd(L1, L2)=1 always holds true. If unique primes run out in the key length ranges, then non-prime lengths may be used as long as gcd(L1, L2)=1. Based on mathematical number theory with the condition of gcd(L1, L2)=1, then the relative byte offset in each K1 and K2 are uniquely paired such that no same offset pairs will repeat during the scope of the S1 and D1 byte alignments. This will result in a composite bit stream with no repeating data patterns due to repeated byte pairings from the respective K1 and K2.
FIG. 4B illustrates formation of the composite key by indexing the aligned selector and data streams. The locations of individual selector bits that equal ‘1’ form a mask that may be used to select corresponding bits from the data stream and where individual selector bits that equal 0 ignore bits from data stream. An alternate bit selection method may be implemented by forming N-bit groups of the selector and performing a mod 2 calculation where a ‘1’ value selects the corresponding group of N-bit groups of the data, and a result of 0 ignores the data. This operation may be expressed as C1=generateComposite(S1, D1). The arguments are an ordered pair (S1, D1), and when they are reversed, this results in the generation of a completely different composite key by C2=generateComposite(D1, S1).
After the generation of C1, then on average the composite key length will L1×L2×50%. The 50% comes from the usage of selector streams with a uniform random distribution of ‘1’ values. Using two prime key lengths of 21,701 bytes and 21,683 bytes, then a single composite key length is on average 21,701×21,683×0.50 224.37 MB. These two example key lengths will be used for the remaining calculations in this text. The select modifiers uniquely extend the composite private keys, wherein each of the new composite key derivatives greatly expands the total composite key space. There are two distinct forms of select modifications: the permutation modifiers and the XOR modifiers. After the first composite private key C1 is formed by C1=generateComposite(S1, D1), then the composite key space is uniquely extended by use of permutation and data manipulation functions against every byte in the original S1 which forms the new derivative selector S2. The result is C2=generateComposite(S2, D1). As many unique derivatives SN are created, then the result is a corresponding number of unique CN derivatives. The original data stream, D1, is never changed for the initial pair of selector and data, (S1, D1).
Additional composite keys may be created by permuting values of the selector stream. A set of permutation operations may be defined and a system may store (or receive) instructions that determine which permutations to apply, in which order such that two communicating parties can independently generate the same additional selectors and thus generate identical sets of additional composite keys. We denote fundamental permutations by pk where k≥0. p0 (also referred to as the pass-through) is defined as p0[12345678]=12345678. For example, p0[0b11110000]=0b11110000. p1 (also referred to as the even-odd bit swap) is defined by p1[12345678]=21436587. For example, p1[0b10101010]=0b01010101. p2 is defined as p2[12345678]=34127856. For example, p2[0b00111100]=0b11000011.
Bit-rotate permutations are functions are denoted as bk where k>0 and #<8. b0 (also referred to as the bit-rotate pass-through) is defined by b0[12345678]=12345678. For example, b0[0b10110010]=0b10110010. b1[12345678]=23456781. For example, b1(0b10110010)=0b01100101. b2[12345678]=34567812. For example, b2[0b10110010]=0b11001010. For the base and bit-rotate permutations, these are classified as permutation function maps 1-byte (8-bits)→1-byte (8-bits). Mathematically, there are P(8,8)=8!/(8-8)!=40,320 different possible permutations. Thus far, there are chosen 50 different base permutations and for each there are 8 bit-rotate permutations. This results in a selection of 50×8=400 different byte permutations. In order to detect and remove any duplicate pe1 mutations, a program is used to verify permutation uniqueness for each base permutation and enumerate each bit rotate into a complete list. All of these 400 permutations are unique.
Additional permutation functions make use of the XOR function. Distinct from the permutation building blocks are a completely different class of functions for changing the selector bytes referred to as the XOR manipulation functions. In this class of manipulator functions, there are no permutations and consist of only individual bit changes. XOR functions are manipulation functions, denoted as xk where k≥0. The XOR function is denoted by the {circumflex over ( )} bit operator. Consider x0 (also referred to as the pass-through). Defined as x0(bits)=bits {circumflex over ( )} 0b00000000. For example, x0[0b11110000]=0b11110000{circumflex over ( )} 0b00000000=0b00001111. Consider x1. Defined as x1 [bits]=bits {circumflex over ( )}0b11111111. For example, x1[0b11110000)=0b11110000 {circumflex over ( )}0b11111111=0b00001111. Consider x2. Defined as x2[bits]=bits {circumflex over ( )}0b11011101. For example, x2[0b11110000]=0b11110000 {circumflex over ( )}0b11011101=0b00101101. For the XOR byte manipulation function, there are 28=256 different possibilities. So far, there are 128 XOR manipulation functions chosen for use in composite key generation. When the permutation and XOR manipulations are combined together, then this results in 50×8×128=51,200 different selector byte manipulations.
The set of basic permutation functions {p, b} may be combined with XOR-based manipulations. In this language, the initial formation of the first composite key is based upon a pass-through selector formed by selByte=b0[p0[x0[selByte] ] ] for every byte in the selector. Then, the composite key generation process continues in a very ordered manor, as shown in FIG. 5, with very specific selector manipulation sequences for each byte in the base selector stream. As each new S1 to C1 key is created, the final composite key correspondingly grows by concatenate(C0, C1, . . . , CN). Now the maximum composite key space length is up to 224.37 MB •51,200≈10.96 TB for a single private key pair (e.g., K1, K2).
Thus far, these permutation functions map are 1-byte (8-bits) at the input→1-byte (8-bits) at the output. However, the permutation mappings may be extended to include other input output mappings, like using adjacent bytes as inputs. Using a combination of the current byte and previous bytes, example mappings include: 2-byte (16-bits)→1-byte (8-bits) permutations. For example, where the previous byte bit positions ‘abcdefgh’ and the current byte bit positions ‘12345678’, then a new byte of ‘b2d4f6h8’ can be formed. The number of possible permutations is P(16,8)=16!/(16-8)!≈5.1×108. 3-byte (24-bits)→1-byte (8-bits) mappings yield P(24,8)=24!/(24-8)!≈2.9×1010 permutations. 4-byte (32-bits)→1-byte (8-bits) mappings yield P(32,8)=32!/(32-8)!≈4.2×1011 possible permutations. As the number of base permutations is increased from 50 to, for example, 1024, the composite key space expands substantially from 50×8×128=51,200 different selector byte manipulations to 1024×8×128=1,048,576, a twenty-fold increase. Hence, there is essentially no limit to the number of possible permutations.
Thus far, we have the discussed composite private keys based on a single ordered key pair such as C1=generateComposite(S1, D1), where S1=concatenateX(K1, L2) and D1=concatenateX(K2, L1). If the assignments are reversed between the K1 and K2, then C2=generateComposite(selector2, data2) where select2=concatenateX(K2, L1) and D2=concatenateX(K1, L2). Since the selector/data roles are reversed, then this results in unique C1 and C2 keys. Thus, the composite key length can be doubled by generating both concatenate(C1, C2). This results in 2×10.96 TB≈21.92 TB of total composite key space using just two unique K1 and K2 values. As N number of unique keys are added with gcd(len-i, len-j)=1 for all keys where len-i≠len-j, then there will be (N)×(N−1) unique ordered key pairs. As shown in FIG. 6, there is an acceleration of the resultant composite key space.
Initially, in any given encryption or decryption session, each of the public keys must be defined upfront. The number of public keys is set depending upon the desired total composite private key space and/or the amount of parallel ordered key pair generation worker threads, as discussed in more detail below.
The storage and communication of the public keys is largely dependent upon the use case. In the case of encryption/decryption applications, the two systems (i.e., the sender and receiver) may each have separately secured identical cryptographic tables and passwords, and they communicate an initial set of public keys and the encrypted file. The initial key exchange will be referenced as ‘KeySet1’. As the encryption and decryption is writing or reading the encrypted stream, the XOR encrypted data will be organized in logical “data blocks.” The size of the data blocks is implementation dependent. One possible implementation is to arrange the data blocks around the indices of the bN[pN[xN [selByte] ] ] calls that were described previously. The significance of these data blocks is that they will be used during the key extension process.
It is anticipated to use the composite private key space to encrypt very large amounts of data. Therefore, at some point, the last of the composite private key space may run out for the continuing XOR encryption process. At that point, new public and private key pairs (labeled as KeySetN′) have to be generated. If the encryption session begins with a KeySet1 exchange of N-keys, then each key extension must also include N keys. To exchange the new key extension KeySetN, then the associated public keys required to generate KeySetN will be embedded as part of the encrypted data payload, at the beginning of the last encrypted “data block” (FIG. 6A). The data block size must be large enough to contain all of the public keys of KeySetN. Both the size of the data block and the exact position of the key extension KeySetN is implementation dependent.
A creative way of generating the key space faster is to implement a threading algorithm that generates the composite key space in parallel. One such innovative threading algorithm is to organize the processing of ordered key pairs into separate threads. FIG. 6B shows an example, where there are 3 unique keys K1, K2, and k3 and several ordered key pair threads are formed. Each of the worker threads above create blocks of unique key space that are created in parallel. Then a key consumer thread is defined (not shown) that is either performing encryption or decryption. The key consumer thread absorbs the blocks of unique key space in block sequential order. This allows the overall rate of encryption/decryption to run many times faster.
FIG. 7 summarizes the available composite key space as additional keys are generated as described above for an example where the first selector and the first datastream each have a length of 448.7 MB, (their respective lengths being 21,701 and 21,683). Two 224.3 MB composite keys may be generated. These two keys may be concatenated to form a composite key space of 448.7 MB. Along these lines, FIG. 7 shows the key spaces achieved with various schemes disclosed herein enabling larger and larger composite key spaces.
We now formally prove that non-repeating byte alignments are generated by methods disclosed above. We begins with two private keys, K1 and K2, with respective lengths of L1 and L2, where L1≠L2 and gcd(L1, L2)=1. The keys K1 and K2 will be byte indexed using respective integer offsets r1 and r2, where 0≤r1<q1 and 0≤r2<q2. We form S1 by concatenating K1 with itself p2 times, so that the length of S1 is a total of q1×q2 bytes. We form D1 by concatenating K2 with itself q1 times, so that the data stream D1 has a total length of q1×q2 bytes. The streams S1 and D1 are aligned such that they are both indexed by the integer i offset, where O≤i<q1×q2.
Claim: Since the streams S1 and D1 are byte indexed by i, there exists unique byte index pairs r1 and r2 within the associated streams K1 and K2 for the entire indexed length of O≤i<q1 •q2.
Proof: By the Division Algorithm, there exists unique integers m and r1 such that i=m •q1+r1, where 0≤r1<q1 and 0≤i<q1×q2 and, there exists unique integers n and r2 such that i=n×q2+r2, where 0≤r2<q2 and 0≤i<q1×q2. It follows that r1=i mod q1 and r2=i mod p2. Then by definition of congruence, r1=i mod q1 ↔i=r1 mod q1 and r2=i mod q2 ↔i=r2 mod q2. Since gcd(q1, q2)=1 and by the Chinese Remainder Theorem, then there exists unique integers r1 and r2 for any integer i, modulo q1×q2. The overall significance of this claim is that the composite bytes generated from the streams S1 and D1 will not have duplicate composite bytes due to duplicate byte offset pairs from their respective source streams.
In an embodiment, a method includes receiving an initial instruction from a remote computing device using a client computing device having an addressable cryptographic table, retrieving first and second bitstreams having different lengths from the addressable cryptographic table by deriving addresses in the addressable cryptographic table from the initial instruction, accessing first and second bit values stored at addresses belonging to the derived addresses in the addressable cryptographic table, outputting the first bit values as the first bitstream and the second bit values as the second bitstream, concatenating the first bitstream with data from the first bitstream to form a data stream having a desired length, concatenating the second bitstream with data from the second bitstream to form a selector stream having the desired length, and forming a first composite encryption key having a length longer than a length of the first bitstream and the second bitstream by selecting values of the data stream identified by corresponding bit values of the selector stream.
In an embodiment, the method includes determining, as the different lengths of the first and second bitstream, two co-prime integers, and selecting a product of the different lengths as the desired length. In an embodiment, the method includes selecting a permutation instruction from a set of allowed permutation instructions defined in memory of the computing device, applying one or more permutation instructions or logical operations to the selector stream to produce additional selector streams, and forming additional composite encryption keys by selecting values of the data stream identified by corresponding values of respective additional selector strings. In an embodiment, applying the one or more permutation instructions or logical operations includes applying a unique permutation function that uniquely reorders values of the selector stream to produce each additional selector stream. In an embodiment, retrieving the first and second bitstreams from the addressable cryptographic table comprises measuring physical characteristics of physical unclonable function (“PUF”) devices of a PUF array of the computing device at addresses in the PUF array derived from the initial instruction. In an embodiment, measuring the physical characteristics of the PUF devices of the PUF array comprises repeatedly measuring each PUF device and returning values for each PUF device based on statistical characteristics of the repeated measurements of that PUF device. In an embodiment, the method includes encoding into the first composite encryption key an error correction code, and executing an error correction method on the first composite encryption key using parity bits, data helpers, response based cryptographic methods, ternary cryptography, and fuzzy extractors.
In an embodiment, a device includes a processor and a memory coupled to the processor. The memory stores instructions that, when executed by the processor, cause the processor to perform the steps of receiving an initial instruction from a remote computing device using a client computing device having an addressable cryptographic table, retrieving first and second bitstreams having different lengths from the addressable cryptographic table by deriving addresses in the addressable cryptographic table from the initial instruction, accessing first and second bit values stored at addresses belonging to the derived addresses in the addressable cryptographic table, outputting the first bit values as the first bitstream and the second bit values as the second bitstream, concatenating the first bitstream with data from the first bitstream to form a data stream having a desired length, concatenating the second bitstream with data from the second bitstream to form a selector stream having the desired length, and forming a first composite encryption key having a length longer than a length of the first bitstream and the second bitstream by selecting values of the data stream identified by corresponding bit values of the selector stream.
In an embodiment, a device includes a processor and a memory coupled to the processor. The memory stores instructions that, when executed by the processor, cause the processor to perform the steps of receiving an initial instruction from a remote computing device, retrieving first and second bitstreams having different lengths from an addressable cryptographic table by determining first and second bit values stored at addresses belonging to addresses derived from the initial instruction in the addressable cryptographic table, concatenating the first bitstream with data from the first bitstream to form a data stream having a desired length, concatenating the second bitstream with data from the second bitstream to form a selector stream having the desired length, and forming a first composite encryption key having a length longer than a length of the first bitstream and the second bitstream by selecting values of the data stream identified by corresponding bit values of the selector stream.
The described features, advantages, and characteristics may be combined in any suitable manner in one or more embodiments. One skilled in the relevant art will recognize that the circuit may be practiced without one or more of the specific features or advantages of a particular embodiment. In other instances, additional features and advantages may be recognized in certain embodiments that may not be present in all embodiments.
Reference throughout this specification to “one embodiment,” “an embodiment,” or similar language means that a particular feature, structure, or characteristic described in connection with the embodiment is included in at least one embodiment. Thus appearances of the phrase “in one embodiment,” “in an embodiment,” and similar language throughout this specification may, but do not necessarily, all refer to the same embodiment.

Claims (20)

The invention claimed is:
1. A method, comprising:
receiving an initial instruction from a remote computing device using a client computing device, the client computing device having an addressable cryptographic table;
retrieving first and second bitstreams having different lengths from the addressable cryptographic table by:
deriving addresses in the addressable cryptographic table from the initial instruction;
accessing first bit values and second bit values stored at addresses belonging to the derived addresses in the addressable cryptographic table; and
outputting the first bit values as the first bitstream and the second bit values as the second bitstream;
concatenating the first bitstream with data from the first bitstream to form a data stream having a desired length;
concatenating the second bitstream with data from the second bitstream to form a selector stream having the desired length; and
forming a first composite encryption key having a length longer than a length of the first bitstream and longer than a length of the second bitstream by selecting values of the data stream identified by corresponding bit values of the selector stream
wherein the addressable cryptographic table includes an array of physical unclonable function (“PUF”) devices.
2. The method of claim 1, further comprising:
determining, as the different lengths of the first and second bitstream, two co-prime integers; and
selecting a product of the different lengths as the desired length.
3. The method of claim 1, further comprising:
selecting a permutation instruction from a set of allowed permutation instructions defined in memory of the computing device,
applying one or more permutation instructions or logical operations to the selector stream to produce additional selector streams; and
forming additional composite encryption keys by selecting values of the data stream identified by corresponding values of respective additional selector strings.
4. The method of claim 3, wherein the applying the one or more permutation instructions or logical operations comprises:
applying a unique permutation function that uniquely reorders values of the selector stream to produce each additional selector stream.
5. The method of claim 1, wherein the retrieving the first and second bitstreams from the addressable cryptographic table comprises:
measuring physical characteristics of PUF devices of the array of PUF devices of the computing device at addresses in the array of PUF devices derived from the initial instruction.
6. The method of claim 5, wherein the measuring the physical characteristics of the PUF devices of the array of PUF devices comprises repeatedly measuring each PUF device and returning values for each measured PUF device based on statistical characteristics of repeated measurements of each measured PUF device.
7. The method of claim 1, further comprising:
encoding into the first composite encryption key an error correction code; and
executing an error correction method on the first composite encryption key using parity bits, data helpers, response based cryptographic methods, ternary cryptography, and fuzzy extractors.
8. A device, comprising:
a processor; and
a memory coupled to the processor, the memory storing instructions that, when executed by the processor, cause the processor to perform the steps of:
receiving an initial instruction from a remote computing device using a client computing device having an addressable cryptographic table;
retrieving first and second bitstreams having different lengths from the addressable cryptographic table by:
deriving addresses in the addressable cryptographic table from the initial instruction;
accessing first bit values and second bit values stored at addresses belonging to the derived addresses in the addressable cryptographic table;
outputting the first bit values as the first bitstream and the second bit values as the second bitstream;
concatenating the first bitstream with data from the first bitstream to form a data stream having a desired length;
concatenating the second bitstream with data from the second bitstream to form a selector stream having the desired length; and
forming a first composite encryption key having a length longer than a length of the first bitstream and longer than a length of the second bitstream by selecting values of the data stream identified by corresponding bit values of the selector stream wherein, the addressable cryptographic table includes an array of physical unclonable function (“PUF”) devices.
9. The system of claim 8, wherein the memory includes instructions that, when executed by the processor cause the processor to perform the steps of:
determining, as the different lengths of the first and second bitstream, two co-prime integers; and
selecting a product of the different lengths as the desired length.
10. The system of claim 8, wherein the memory includes instructions that, when executed by the processor cause the processor to perform the steps of:
selecting a permutation instruction from a set of allowed permutation instructions defined in memory of the computing device,
applying one or more permutation instructions or logical operations to the selector stream to produce additional selector streams; and
forming additional composite encryption keys by selecting values of the data stream identified by corresponding values of respective additional selector strings.
11. The system of claim 10, wherein the applying the one or more permutation instructions or logical operations comprises:
applying a unique permutation function that uniquely reorders values of the selector stream to produce each additional selector stream.
12. The system of claim 8, wherein the retrieving the first and second bitstreams from the addressable cryptographic table comprises:
measuring physical characteristics of PUF devices of the array of PUF devices of the computing device at addresses in the array of PUF devices derived from the initial instruction.
13. The system of claim 12, wherein the measuring the physical characteristics of the PUF devices of the array of PUF devices comprises repeatedly measuring each PUF device and returning values for each measured PUF device based on statistical characteristics of repeated measurements of each measured PUF device.
14. The system of claim 8, wherein the memory includes instructions that, when executed by the processor cause the processor to perform the step of encoding into the first composite encryption key an error correction code.
15. The system of claim 8, wherein the memory includes instructions that, when executed by the processor cause the processor to perform the step of executing an error correction method on the first composite encryption key using parity bits, data helpers, response based cryptographic methods, ternary cryptography, and fuzzy extractors.
16. A device, comprising:
a processor; and
a memory coupled to the processor, the memory storing instructions that, when executed by the processor, cause the processor to perform the steps of:
receiving an initial instruction from a remote computing device;
retrieving first and second bitstreams having different lengths from an addressable cryptographic table by determining first bit values and second bit values stored at addresses belonging to addresses derived from the initial instruction in the addressable cryptographic table;
concatenating the first bitstream with data from the first bitstream to form a data stream having a desired length;
concatenating the second bitstream with data from the second bitstream to form a selector stream having the desired length; and
forming a first composite encryption key having a length longer than a length of the first bitstream and longer than a length of the second bitstream by selecting values of the data stream identified by corresponding bit values of the selector stream
wherein the addressable cryptographic table includes an array of physical unclonable function (“PUF”) devices.
17. The system of claim 16, wherein the memory includes instructions that, when executed by the processor cause the processor to perform the steps of:
determining, as the different lengths of the first and second bitstream, two co-prime integers; and
selecting a product of the different lengths as the desired length.
18. The system of claim 16, wherein the memory includes instructions that, when executed by the processor cause the processor to perform the steps of:
selecting a permutation instruction from a set of allowed permutation instructions defined in memory of the computing device,
applying one or more permutation instructions or logical operations to the selector stream to produce additional selector streams; and
forming additional composite encryption keys by selecting values of the data stream identified by corresponding values of respective additional selector strings.
19. The system of claim 18, wherein the applying the one or more permutation instructions or logical operations comprises:
applying a unique permutation function that uniquely reorders values of the selector stream to produce each additional selector stream.
20. The system of claim 16, wherein the retrieving the first and second bitstreams from the addressable cryptographic table comprises:
measuring physical characteristics of PUF devices of the array of PUF devices of the computing device at addresses in the array of PUF devices derived from the initial instruction.
US16/900,671 2019-06-12 2020-06-12 Generation of composite private keys Active 2040-10-30 US11343108B2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US16/900,671 US11343108B2 (en) 2019-06-12 2020-06-12 Generation of composite private keys

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US201962860474P 2019-06-12 2019-06-12
US16/900,671 US11343108B2 (en) 2019-06-12 2020-06-12 Generation of composite private keys

Publications (2)

Publication Number Publication Date
US20200396091A1 US20200396091A1 (en) 2020-12-17
US11343108B2 true US11343108B2 (en) 2022-05-24

Family

ID=73744765

Family Applications (1)

Application Number Title Priority Date Filing Date
US16/900,671 Active 2040-10-30 US11343108B2 (en) 2019-06-12 2020-06-12 Generation of composite private keys

Country Status (1)

Country Link
US (1) US11343108B2 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20230188338A1 (en) * 2021-12-10 2023-06-15 Amazon Technologies, Inc. Limiting use of encryption keys in an integrated circuit device

Citations (31)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5434917A (en) 1993-10-13 1995-07-18 Thomson Consumer Electronics S.A. Unforgeable identification device, identification device reader and method of identification
US20030210783A1 (en) * 2000-07-27 2003-11-13 Ross Filippi Method and system of encryption
US20080044027A1 (en) 2003-10-29 2008-02-21 Koninklijke Philips Electrnics, N.V. System and Method of Reliable Foward Secret Key Sharing with Physical Random Functions
US20110103161A1 (en) * 2008-04-17 2011-05-05 Tuyls Pim T Method of reducing the occurrence of burn-in due to negative bias temperature instability
US20120128151A1 (en) * 2009-08-07 2012-05-24 Dolby International Ab Authentication of Data Streams
US20120131340A1 (en) * 2010-11-19 2012-05-24 Philippe Teuwen Enrollment of Physically Unclonable Functions
US20120183135A1 (en) 2011-01-19 2012-07-19 Verayo, Inc. Reliable puf value generation by pattern matching
US20120265928A1 (en) 2011-04-15 2012-10-18 Kui-Yon Mun Non-volatile memory devices, methods of operating non-volatile memory devices, and systems including the same
US8300450B2 (en) 2010-11-03 2012-10-30 International Business Machines Corporation Implementing physically unclonable function (PUF) utilizing EDRAM memory cell capacitance variation
US20130156183A1 (en) * 2011-12-16 2013-06-20 Yuichi Komano Encryption key generating apparatus and computer program product
US20140093074A1 (en) * 2012-09-28 2014-04-03 Kevin C. Gotze Secure provisioning of secret keys during integrated circuit manufacturing
US20150007337A1 (en) 2013-07-01 2015-01-01 Christian Krutzik Solid State Drive Physical Uncloneable Function Erase Verification Device and Method
US20150071432A1 (en) 2013-09-09 2015-03-12 Qualcomm Incorporated Physically unclonable function based on resistivity of magnetoresistive random-access memory magnetic tunnel junctions
US20150195088A1 (en) 2014-01-03 2015-07-09 William Marsh Rice University PUF Authentication and Key-Exchange by Substring Matching
WO2015105687A1 (en) 2014-01-08 2015-07-16 Stc.Unm Systems and methods for generating physically unclonable functions from non-volatile memory cells
US20150234751A1 (en) * 2012-10-04 2015-08-20 Intrinsic Id B.V. System for generating a cryptographic key from a memory used as a physically unclonable function
US20160042628A1 (en) 2006-06-19 2016-02-11 Rezia Fatima Begum Roston Childcare tracking systems and method
US20160078252A1 (en) * 2014-09-15 2016-03-17 Arm Limited Address dependent data encryption
US20170017808A1 (en) * 2015-07-13 2017-01-19 Texas Instruments Incorporated Sram timing-based physically unclonable function
US20170046129A1 (en) * 2015-08-13 2017-02-16 Arizona Board Of Regents Acting For And On Behalf Random Number Generating Systems and Related Methods
US20180129801A1 (en) * 2016-11-09 2018-05-10 Arizona Board Of Regents On Behalf Of Northern Arizona University Puf-based password generation scheme
US20180145838A1 (en) * 2016-11-18 2018-05-24 Qualcomm Incorporated Message-based key generation using physical unclonable function (puf)
US20180176012A1 (en) * 2016-08-04 2018-06-21 Macronix International Co., Ltd. Unchangeable physical unclonable function in non-volatile memory
US20180278418A1 (en) * 2016-08-04 2018-09-27 Macronix International Co., Ltd. Physical unclonable function for security key
US20180329962A1 (en) * 2015-11-20 2018-11-15 Intrinsic Id B.V. An assigning device
US20190165956A1 (en) * 2017-11-29 2019-05-30 Taiwan Semiconductor Manufacturing Company, Ltd. Physical unclonable function (puf) security key generation
WO2019140218A1 (en) * 2018-01-12 2019-07-18 Stc.Unm An autonomous, self-authenticating and self-contained secure boot-up system and methods
US20190280858A1 (en) * 2018-03-09 2019-09-12 Arizona Board Of Regents On Behalf Of Northern Arizona University Key exchange schemes with addressable elements
US20200382293A1 (en) * 2019-05-29 2020-12-03 Arizona Board Of Regents On Behalf Of Northern Arizona University Quantum ternary key distribution
US20210281432A1 (en) * 2019-03-13 2021-09-09 Arizona Board Of Regents On Behalf Of Northern Arizona University Physical unclonable function-based encryption schemes with combination of hashing methods
US20210399905A1 (en) * 2020-06-23 2021-12-23 Samsung Electronics Co., Ltd. Integrated circuit for physically unclonable function and method of operating the same

Patent Citations (32)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5434917A (en) 1993-10-13 1995-07-18 Thomson Consumer Electronics S.A. Unforgeable identification device, identification device reader and method of identification
US20030210783A1 (en) * 2000-07-27 2003-11-13 Ross Filippi Method and system of encryption
US20080044027A1 (en) 2003-10-29 2008-02-21 Koninklijke Philips Electrnics, N.V. System and Method of Reliable Foward Secret Key Sharing with Physical Random Functions
US20160042628A1 (en) 2006-06-19 2016-02-11 Rezia Fatima Begum Roston Childcare tracking systems and method
US20110103161A1 (en) * 2008-04-17 2011-05-05 Tuyls Pim T Method of reducing the occurrence of burn-in due to negative bias temperature instability
US20120128151A1 (en) * 2009-08-07 2012-05-24 Dolby International Ab Authentication of Data Streams
US8300450B2 (en) 2010-11-03 2012-10-30 International Business Machines Corporation Implementing physically unclonable function (PUF) utilizing EDRAM memory cell capacitance variation
US20120131340A1 (en) * 2010-11-19 2012-05-24 Philippe Teuwen Enrollment of Physically Unclonable Functions
US20120183135A1 (en) 2011-01-19 2012-07-19 Verayo, Inc. Reliable puf value generation by pattern matching
US20120265928A1 (en) 2011-04-15 2012-10-18 Kui-Yon Mun Non-volatile memory devices, methods of operating non-volatile memory devices, and systems including the same
US20130156183A1 (en) * 2011-12-16 2013-06-20 Yuichi Komano Encryption key generating apparatus and computer program product
US20140093074A1 (en) * 2012-09-28 2014-04-03 Kevin C. Gotze Secure provisioning of secret keys during integrated circuit manufacturing
US20150234751A1 (en) * 2012-10-04 2015-08-20 Intrinsic Id B.V. System for generating a cryptographic key from a memory used as a physically unclonable function
US20150007337A1 (en) 2013-07-01 2015-01-01 Christian Krutzik Solid State Drive Physical Uncloneable Function Erase Verification Device and Method
US20150071432A1 (en) 2013-09-09 2015-03-12 Qualcomm Incorporated Physically unclonable function based on resistivity of magnetoresistive random-access memory magnetic tunnel junctions
US20150195088A1 (en) 2014-01-03 2015-07-09 William Marsh Rice University PUF Authentication and Key-Exchange by Substring Matching
WO2015105687A1 (en) 2014-01-08 2015-07-16 Stc.Unm Systems and methods for generating physically unclonable functions from non-volatile memory cells
US20160078252A1 (en) * 2014-09-15 2016-03-17 Arm Limited Address dependent data encryption
US20170017808A1 (en) * 2015-07-13 2017-01-19 Texas Instruments Incorporated Sram timing-based physically unclonable function
US20170046129A1 (en) * 2015-08-13 2017-02-16 Arizona Board Of Regents Acting For And On Behalf Random Number Generating Systems and Related Methods
US20180329962A1 (en) * 2015-11-20 2018-11-15 Intrinsic Id B.V. An assigning device
US20180176012A1 (en) * 2016-08-04 2018-06-21 Macronix International Co., Ltd. Unchangeable physical unclonable function in non-volatile memory
US20180278418A1 (en) * 2016-08-04 2018-09-27 Macronix International Co., Ltd. Physical unclonable function for security key
US20180129801A1 (en) * 2016-11-09 2018-05-10 Arizona Board Of Regents On Behalf Of Northern Arizona University Puf-based password generation scheme
US10320573B2 (en) * 2016-11-09 2019-06-11 Arizona Board Of Regents On Behalf Of Northern Arizona University PUF-based password generation scheme
US20180145838A1 (en) * 2016-11-18 2018-05-24 Qualcomm Incorporated Message-based key generation using physical unclonable function (puf)
US20190165956A1 (en) * 2017-11-29 2019-05-30 Taiwan Semiconductor Manufacturing Company, Ltd. Physical unclonable function (puf) security key generation
WO2019140218A1 (en) * 2018-01-12 2019-07-18 Stc.Unm An autonomous, self-authenticating and self-contained secure boot-up system and methods
US20190280858A1 (en) * 2018-03-09 2019-09-12 Arizona Board Of Regents On Behalf Of Northern Arizona University Key exchange schemes with addressable elements
US20210281432A1 (en) * 2019-03-13 2021-09-09 Arizona Board Of Regents On Behalf Of Northern Arizona University Physical unclonable function-based encryption schemes with combination of hashing methods
US20200382293A1 (en) * 2019-05-29 2020-12-03 Arizona Board Of Regents On Behalf Of Northern Arizona University Quantum ternary key distribution
US20210399905A1 (en) * 2020-06-23 2021-12-23 Samsung Electronics Co., Ltd. Integrated circuit for physically unclonable function and method of operating the same

Also Published As

Publication number Publication date
US20200396091A1 (en) 2020-12-17

Similar Documents

Publication Publication Date Title
US11991275B2 (en) System and method for quantum-safe authentication, encryption and decryption of information
US11736460B2 (en) Encryption schemes with addressable elements
US9001998B2 (en) Data encryption and decryption method and apparatus
US8194858B2 (en) Chaotic cipher system and method for secure communication
CN106656475B (en) Novel symmetric key encryption method for high-speed encryption
JP5167374B2 (en) Data encryption device and memory card
US20190207758A1 (en) Generation of keys of variable length from cryptographic tables
EP3157225B1 (en) Encrypted ccnx
US11283633B2 (en) PUF-based key generation for cryptographic schemes
US8942373B2 (en) Data encryption and decryption method and apparatus
US10992463B2 (en) Communication over quantum channels with enhanced performance and security
US11233662B2 (en) Keyless encrypting schemes using physical unclonable function devices
WO2003019842A2 (en) Stream cipher, hash, and pseudo-random number generator
US11496326B2 (en) Physical unclonable function-based encryption schemes with combination of hashing methods
TWI673992B (en) Entwined encryption and error correction
US11936782B2 (en) Secure multi-state quantum key distribution with wavelength division multiplexing
US20230386541A1 (en) Puf applications in memories
US11343108B2 (en) Generation of composite private keys
US9152801B2 (en) Cryptographic system of symmetric-key encryption using large permutation vector keys
US11799674B2 (en) Error correcting schemes for keyless encryption
Bhat et al. Information Security using Adaptive Multidimensional Playfair Cipher.
KR20220137024A (en) Symmetric Asynchronous Generation Encryption Method
JP2015050708A (en) Dynamic encryption key generation system
CN114745118A (en) Key searching method based on hash table index and computer readable storage medium
KR100317250B1 (en) Method of Cryptographing Data

Legal Events

Date Code Title Description
FEPP Fee payment procedure

Free format text: ENTITY STATUS SET TO UNDISCOUNTED (ORIGINAL EVENT CODE: BIG.); ENTITY STATUS OF PATENT OWNER: SMALL ENTITY

AS Assignment

Owner name: ARIZONA BOARD OF REGENTS ON BEHALF OF NORTHERN ARIZONA UNIVERSITY, ARIZONA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:BOOHER, DENNIS D;CAMBOU, BERTRAND F;REEL/FRAME:052934/0346

Effective date: 20200612

FEPP Fee payment procedure

Free format text: ENTITY STATUS SET TO SMALL (ORIGINAL EVENT CODE: SMAL); ENTITY STATUS OF PATENT OWNER: SMALL ENTITY

STPP Information on status: patent application and granting procedure in general

Free format text: APPLICATION DISPATCHED FROM PREEXAM, NOT YET DOCKETED

STPP Information on status: patent application and granting procedure in general

Free format text: DOCKETED NEW CASE - READY FOR EXAMINATION

STPP Information on status: patent application and granting procedure in general

Free format text: NON FINAL ACTION MAILED

STPP Information on status: patent application and granting procedure in general

Free format text: RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER

STPP Information on status: patent application and granting procedure in general

Free format text: NOTICE OF ALLOWANCE MAILED -- APPLICATION RECEIVED IN OFFICE OF PUBLICATIONS

STPP Information on status: patent application and granting procedure in general

Free format text: PUBLICATIONS -- ISSUE FEE PAYMENT RECEIVED

STPP Information on status: patent application and granting procedure in general

Free format text: PUBLICATIONS -- ISSUE FEE PAYMENT VERIFIED

STCF Information on status: patent grant

Free format text: PATENTED CASE